Research security at NSF: Why does it matter?
Securing the nation's research enterprise is part of the mission of the U.S. National Science Foundation and is essential to the national defense. NSF works closely on this effort with its funding agency counterparts and with the law enforcement and intelligence communities — consistently emphasizing the importance of balancing research security with international collaboration in science and engineering.
NSF has dedicated considerable effort and resources to working with the research community and its other partners to:
- Equip researchers with the information and tools necessary to ensure that their work is protected.
- Clarify security issues and mitigate risks.
- Foster transparency, disclosure and other practices that reflect the values of research integrity.
NSF's effort has led to ongoing initiatives aimed at clarifying proposal preparation and award administration requirements, as well as the issuance of new policies and directives in the proposal and award process.
Case study 1: Failure to respond to an OIG subpoena related to foreign funding and affiliations
- An NSF-funded principal investigator is employed by a U.S. organization.
- NSF's Office of Inspector General receives information, including open-source information, that the researcher participates in a foreign talent plan and serves as a faculty member at a foreign organization.
- The PI does not disclose any information about foreign funding/affiliations in NSF proposals, even though that information is required by NSF's Proposal and Award Policies and Procedures Guide.
- NSF's Office of Inspector General issues a subpoena; the researcher produces some documents, including a partial application to a foreign talent program, but, according to the OIG, the documentation provided is insufficient.
- On the OIG's recommendation, NSF suspends the PI's awards to the U.S. organization.
- The researcher, although represented by counsel, resigns from the U.S. organization, and leaves the United States, but fails to fully respond to the subpoena.
- On the OIG's recommendation, NSF imposes a government-wide debarment on the researcher (including a bar on serving as a reviewer, adviser or consultant) for a fixed term. This recommendation is in view of the researcher's failure to respond to the OIG's subpoena (for example, through court action contesting the subpoena or full production of documents) and in view of information indicating that the researcher failed to fully disclose current and pending support in proposals to NSF. At the end of the debarment period, NSF will consider the decision to determine if an extension is necessary to protect the public interest.
- As the PI is no longer involved in the NSF-funded research, NSF lifts the suspension of the awards.
Outcome: While there were no formal proceedings instituted against the researcher in federal court, NSF took three types of actions — award suspension, debarment and lifting of award suspension — at different stages of the OIG's investigation. These actions were tailored to the risk to NSF in view of the information available at the time the action was taken.
Case study 2: Failure to report extended absences and to respond to an OIG subpoena
- NSF's Office of Inspector General receives information that an abstract cites an NSF award for support but lists only authors from foreign organizations. One of the co-authors is the principal investigator for the cited award, which was made to a U.S. organization at which the PI is a faculty member.
- Publicly available information indicates that, in succession over a brief period, the PI's proposal is funded, the PI is selected as a foreign talent plan participant, and the PI begins extended leave to visit family in a foreign country. The term of the extended leave corresponds to the time the PI is listed as having a foreign appointment.
- During this same time, the PI also returns to the United States to serve as an NSF panelist.
- The PI does not disclose foreign support or appointments to NSF or to their U.S. organization.
- The OIG subpoenas the PI for information about employment outside of the U.S. organization. The PI declines, citing restrictions by the PI's foreign employer.
- Based on an OIG recommendation, NSF suspends the award. The organization agrees to terminate, while also returning the funds received after the PI went on leave.
- On the OIG's recommendation, NSF also imposes a bar on the PI serving as an NSF reviewer, adviser or consultant.
Outcome: During the lifecycle of the OIG' s investigation, NSF and the organization took different actions to mitigate risk to NSF, including award suspension and termination, repayment of funds and imposition of a reviewer bar.
Case study 3: Grant fraud involving a foreign talent plan participant
- A professor at a U.S. organization founds a company that relies exclusively on federal grants to fund research, including NSF SBIR/STTR funding.
- The professor/founder also begins working as a paid researcher at a foreign organization.
- NSF's Office of Inspector General receives information that the company does not maintain records required to effectively administer the awards and that the awardee provided false information to NSF about its records systems.
- Additional information developed by the Department of Justice and OIG indicates that the funded research had already been completed at the professor/founder's foreign organization.
- As the investigation develops, NSF, on the OIG's recommendations, suspends awards, terminates awards, withholds final payment and reduces an award amount.
- DOJ files a criminal complaint against the professor/founder.
- Based on the OIG's recommendation, NSF imposes a government-wide suspension on the professor/founder and related companies.
- Evidence is presented at trial indicating that grant funds obtained would be used for research the professor/founder knew had already been done overseas. The professor/founder intended to use the grant funds for other company projects rather than for the projects for which the funds were requested. To obstruct the investigation, the professor/founder submitted falsified timesheets to government investigators.
- Information, including a talent plan contract, becomes available at trial that the professor/founder is a foreign talent plan participant.
- DOJ prosecution results in criminal conviction of the professor/founder of one count of conspiracy to defraud the United States, three counts of making false statements and one count of obstruction by falsification.
- Based on a recommendation by OIG after the professor/founder's conviction, NSF imposes government-wide debarment and a reviewer bar on the professor/founder and related company for a fixed period.
Outcome: During a multi-year investigation, NSF took several administrative actions well before filings in federal court, based on recommendations by the OIG. These included award suspensions, terminations, withholding the final payment/reduction of an award amount and government-wide suspensions. The investigation resulted in a criminal conviction. Thereafter, on the OIG's recommendation, NSF imposed a government-wide debarment in view of the risk to NSF and the professor/founder's lack of present responsibility.
Case study 4: NSF and a science association find research security and integrity violations
A well-published senior researcher at a U.S.-based institution had four awards terminated, which had award funding totaling more than $1 million. During a thorough NSF Office of Inspector General investigation, it was found that the researcher had multiple undisclosed foreign affiliations in violation of NSF's disclosure policies. A scientific association that the researcher belongs to had also convened an independent panel to conduct an investigation based on complaints they received from other association members.
The scientific association investigation found that the researcher violated the association's peer review process by repeatedly sharing reviewer names and individual scores connected with paper submissions to the association. Additionally, the researcher coerced a co-author to proceed with a manuscript submission to the association, despite the co-author's repeatedly expressed concerns about the correctness of the results reported in that manuscript.
Lastly, the researcher was part of a talent recruitment plan, which is itself allowable. However, the malign foreign government talent plan affiliation was not disclosed to NSF and there were terms in the talent plan contract that could be linked to both the nondisclosure issues and the concerning behaviors found by the association's investigation. The researcher has since resigned from the U.S. university and left the United States.
NSF's research security goals seek to:
- Improve transparency and continue to clarify disclosure requirements.
- Coordinate with U.S. government interagency partners to harmonize disclosure information to the extent practicable.
- Communicate and build awareness with the scientific community.
- Share knowledge and best practices.
- Mitigate risk through assessment and analysis to better understand the scale and scope of research security threats.
Overview and Activities: The SECURE Center (Safeguarding the Entire Community in the U.S. Research Ecosystem)
RSI-ISAO Solicitation Webinar
- Two identical webinars
- Registration is required. Register Now!
- When: Monday August 14, 2023 3:00 PM Eastern Daylight Time (US and Canada) and Thursday August 24, 2023 1:00 PM Eastern Daylight Time (US and Canada)
- Topic: Research Security & Integrity Information Sharing Analysis Organization Solicitation (NSF 23-613)
- After registering, you will receive a confirmation email containing information about joining the webinar.
RSI-ISAO Solicitation Webinar Recordings
August 14, 2023
August 24, 2023
The CHIPS and Science Act of 2022 (Public Law No. 117-167, Title III, Subtitle D, Sec. 10338), requires the NSF Director to enter into an agreement with a “qualified independent organization” to establish the Research Security and Integrity Information Sharing Analysis Organization (RSI-ISAO). This organization will empower members of the research community to address foreign interference issues, support a security-informed decision-making structure, provide government officials with situational awareness, and offer the research community access to USG expertise. Importantly, the organization will offload some of the administrative workload from those it serves and empower them to utilize tools and other capabilities not typically available to them.
The specific roles of the RSI-ISAO may be found at https://www.congress.gov/117/plaws/publ167/PLAW-117publ167.pdf in Section 10338.
The agency is actively working to establish the RSI-ISAO in accordance with the requirement and in an effort to strengthen efforts to secure the national research security ecosystem.
RSI-ISAO DCL Webinar Recordings
May 18, 2023
May 24, 2023
Overview and Activities: Research on Research Security Program (RRSP)
NSF is in the process of creating a Research on Research Security Program (RRSP) to fund research that will: (a) identify and characterize attributes that distinguish research security from research integrity; (b) improve understanding of the nature, scale and scope of research security risks; (c) provide insight into methods for identifying, mitigating and preventing research security violations; and (d) develop methodologies to assess the potential impact of research security threats on the U.S. economy, national security, and research enterprise. RRSP also will support the development of partnerships and collaborations of diverse groups of scientists and institutions in this research area as well as training resources for the research community.
RRSP Webinar Recordings
July 13, 2023
July 26, 2023
If you are a staff member from a Sponsored Research Office (SRO) or a member of a federal agency with a research security-related concern, and you would like input from the OCRSSP, please contact firstname.lastname@example.org.
Members of the media should contact email@example.com. Everyone is encouraged to report allegations of waste, fraud, or abuse – including possible violations of laws, rules, or regulations – to the NSF Office of Inspector General Hotline.
The responsibility of securing the nation’s research falls to everyone in the research community, both at home and abroad.
NSF is committed to safeguarding the integrity and security of science while also keeping fundamental research open and collaborative. The agency seeks to address an age of new threats and challenges through close work with partners in academia, law enforcement, intelligence and other federal agencies. By fostering transparency, disclosure and other practices that reflect the values of research integrity, NSF is helping to lead the way in ensuring taxpayer-funded research remains secure.
Federally funded organizations also have a role as stewards of that research — including training the next generation of researchers. Organizations receiving federal funding should demonstrate robust leadership and oversight; establish and administer policies to promote transparency and guard against conflicts of interest and commitment; provide training and information on research security; ensure effective mechanisms for compliance with organizational policies; and implement processes to assess and manage potential risks associated with collaborations and data.
Protecting one's own research from bad actors benefits the entire scientific ecosystem — the individual researcher, community, nation and world. Ultimately, research security is about ethical behavior, regardless of background or origin. Ethical behavior is foundational to the conduct of research, and it can only be achieved when everyone can collaborate in an open environment, shielded from the threats of dishonest and unethical behavior.
NSF welcomes and encourages international collaboration and views it as essential to pursuing the frontiers of science. The agency has a long history of successful, open research collaborations with nations around the world and strongly maintains that scientific research benefits immensely from international cooperation.
The benefits of principled international collaboration include:
- Enabling cutting-edge research that no nation can achieve alone.
- Training a robust science and engineering workforce capable of solving global problems.
- Allowing for significant contributions from international students and scholars to the U.S. research enterprise.
- Strengthening scientific and diplomatic relations.
- Leveraging resources, including funding, expertise and facilities.
Principled international collaboration is critical to success, but improper foreign influence is a threat to international collaboration in the science and technology enterprise. It is important to distinguish the difference.
Balancing research security while maintaining open and collaborative international partnerships is vitally important to the global research ecosystem. NSF is actively involved in fostering international dialogue on how best to mitigate risks from bad actors that threaten the balance of secure research and trusted relationships in the global research community. NSF makes significant contributions in this area as a key U.S. government representative on the Organisation for Economic Co-operation and Development (OECD) G-7 Working Group on the Security and Integrity of the Global Research Ecosystem, which was established to develop principles, best practices and a virtual academy and toolkit on issues relevant to research security and integrity.
NSF encourages U.S. scientists and engineers to enhance their research and education programs through international collaboration. OISE is dedicated to promoting engagement strategies and managing internationally focused programs and partnerships.
To achieve its goals, NSF has worked diligently to put measures in place that strengthen research security and integrity for the federal funded research community and for NSF staff. Actions include:
- Emphasizing compliance with disclosure rules in NSF's Proposal and Award Policies and Procedures Guide both for NSF staff and the institutions and researchers funded by NSF.
- Requiring all NSF personnel to be a U.S. citizen or in the process of becoming a citizen.
- Barring NSF staff from participating in foreign talent recruitment programs.
- Requiring annual "Science and Security Training" for all NSF employees.
Training and education in research security best practices
Click on the items below to learn more about training offered by NSF:
It is important that security risks that threaten research integrity and other risks to the enterprise are addressed both within NSF and across the U.S. research community. NSF staff play a significant role in helping to ensure the security of the research in NSF's proposal and award process. A fundamental step in mitigating risks to the enterprise is ensuring that NSF employees fully understand research security risks, and education and training are a critical step in safeguarding existing processes. To this end, two training courses have been developed and deployed for NSF staff. The first course, "Science and Security Training: Part 1," covers NSF's disclosure policies and the new NSF Policy on Foreign Government Talent Recruitment Programs. This course is required annually for all NSF staff and contractors.
The second training course, "Science and Security Training: Part 2," outlines the implementation of internal processes for handling post-award information, with guidance on how program officers should handle risk assessment for pre-award information. This course is required for all program officers and grants administrators at NSF and is open to all NSF employees. This course specifically focuses on explaining the revised guidance in the Proposal and Award Policies and Procedures Guide.
Together, these internal training courses help NSF:
- Clearly communicate to proposers and awardees about the revised guidance in the Proposal and Award Policies and Procedures Guide (PAPPG), which includes:
- The information senior personnel are required to disclose in the Biographical sketch and Current and Pending Support sections of the proposal.
- How NSF uses the information disclosed in these sections.
- Provide clarity on new requirements on submission of post-award information related to Current and Pending support.
- Assess information disclosed in the Biographical Sketch and Current and Pending Support sections of the proposal and in Post-award Disclosures information.
These internal training courses developed by NSF have been shared widely with other federal partner agencies looking to adapt the training to their organizations. NSF is leading the way as a model agency in this area.
NSF is also behind the effort to develop research security training for the research community. The agency partnered with the National Institutes of Health, the Department of Energy and the Department of Defense on a solicitation seeking proposals for the development of online training modules that will provide recipients of federal research funding with information on risks and threats to the global research ecosystem — and the knowledge and tools necessary to protect against these risks.
This modular training, available here, is intended to enhance awareness and to provide recipients of federal research funding with online training on the existing and emerging risks and threats to the global research ecosystem — and the knowledge and resources necessary to protect against such risks and threats. After completing the training, researchers should be empowered with the tools necessary for protecting their own work. The knowledge gained in these training modules is a critical component to securing federally funded research, while maintaining the current, open and transparent global research ecosystem. Four training modules are in development in the following topical areas, intended for the research community and available publicly:
- Why is research security an important issue? This training discusses the issues of research security and why research security for federally funded research is important for the U.S. government and national security.
- What is a disclosure policy and how will it be used? This training will explain federal funding agency disclosure policies, why this information is important and how it will be used.
- What actions can federally funded research recipients take to manage and mitigate risk? This training will cover how organizations can fulfill their role as stewards of research, including training the next generation of researchers, by demonstrating robust leadership and oversight; establishing and administering policies to promote transparency and guard against conflicts of interest and commitment; providing training, support and information on research security; ensuring effective mechanisms for compliance with organizational policies; and implementing processes to assess and manage potential risks associated with collaborations and data.
- Is international collaboration encouraged? This training will emphasize that principled international collaboration is critical to success, but that improper foreign influence is a threat to international collaboration in the science and engineering enterprise and will discuss the important differences.
The knowledge gained through this training will be a critical component of securing federally funded research, while maintaining the current open and transparent global research ecosystem. Importantly, this training addresses a requirement in the "CHIPS and Science Act of 2022" for NSF to "train researchers on best practices and prohibit federal employees and university researchers from participating in so-called malign foreign talent recruitment programs." The training may also be used to partially fulfill the research security program requirement in The National Security Presidential Memorandum – 33.
Research security analytics guidelines
In 2023, NSF published how it approaches research security data-related practices. The guidelines include a breakdown of which agency personnel may conduct research security-related activities; what monitoring activities are allowed and with what resources they are conducted; how information will be validated to ensure accuracy; and how information may be shared within NSF and externally.
Research security actions
Click on the items below to learn more about NSF’s research security actions:
NSF's overall research security activities respond to the JASON report, "Fundamental Research Security," which was commissioned by NSF and published in December 2019, as well as subsequent legislation passed by Congress.
Since the report was published, NSF has worked to expand capabilities and competencies to protect the U.S. science and engineering enterprise through its research security strategy and policy activities.
- In Fiscal Year 2021, NSF funded a JASON study on cybersecurity at NSF's major research facilities; in response to the JASON recommendations, NSF is developing new guidance for these research facilities and strengthening its major facility oversight in this area.
- In January 2022, the National Science and Technology Council issued "Guidance for National Security Presidential Memorandum 33 (NSPM-33) on National Security Strategy for United States Government-Supported Research and Development."
- NSF commissioned a JASON study in FY 2022 to provide guidance on the establishment of a Research on Research Security funding program that is expected to begin in FY 2023.
Specific activities for FY 2023 include the following:
- NSF is working together with other federal research agencies to establish uniform mechanisms for research investigators to provide agencies with consistent information on their appointments, activities and sources of financial support; many of these mechanisms will be made available to the community during FY 2023.
- NSF will establish a Research on Research Security funding program in FY 2023 using guidance from a JASON FY 2022 study. NSF is seeking U.S. federal agency and nonprofit organization partners to collaborate on this program.
- NSF has established new analytic capabilities to proactively identify conflicts of commitment, vulnerabilities of pre-publication research, and risks to the merit review system, and has published a System of Records Notice that will enable NSF to begin utilizing those capabilities in FY 2022 and FY 2023.
- To ensure clear understanding of research security issues, NSF disclosure requirements and the tenets of beneficial international collaboration, NSF has developed training resources for staff that will continue to be refined in FY 2023.
- As previously discussed, in Training for the research community, through a partnership with the federal government interagency community, NSF has issued a solicitation to develop training resources for the research community, which will be funded in early FY 2023.
The "CHIPS and Science Act of 2022" is a historic investment to increase production of American-made semiconductors, tackle supply chain vulnerabilities to make more goods in the United States, revitalize U.S. scientific research and technological leadership, and strengthen the nation's economic and national security at home and abroad. The act includes significant investments and protections for research and development with specific guidance to NSF to do the following:
- Empower NSF research security: The act requires NSF to maintain a Research Security and Policy Office to identify potential security risks.
- Train researchers on best practices and prohibit federal employees and university researchers from participating in malign foreign talent recruitment programs: The act requires covered individuals seeking funding from federal research agencies to complete annual training on research security.
- Create a research security and integrity information-sharing organization: The act requires the establishment of an organization that would serve as a clearinghouse for information that helps institutions and researchers identify improper and illegal efforts that compromise research security.
- Ensure transparency: The act requires universities applying for NSF funds to disclose agreements and gifts from China and other "foreign countries of concern." Also prohibits NSF funding from going to universities with Confucius Institutes.
The National Security Presidential Memorandum – 33 (NSPM-33) was signed on January 14, 2021. NSPM-33 directs federal funding agencies to strengthen protections of U.S. government-supported research and development against foreign government interference and exploitation. NSPM-33 seeks to clarify and simplify how researchers disclose information to the federal government. Specifically, Section 4(g) of NSPM-33 directs that “heads of funding agencies shall require that research institutions receiving Federal science and engineering support in excess of 50 million dollars per year certify to the funding agency that the institution has established and operates a research security program. As such, “the federal government” is tasked with “providing standardized technical assistance to support development of training content and programmatic guidelines, tools, and best practices to be made available to organizations for incorporation into research security programs at their discretion.”
The training modules in development under the direction of NSF are examples of best practices in action. NSF is taking essential steps toward mitigating foreign government risks and threats to U.S. government-funded research and working to fulfill government mandates to protect federally funded research as outlined in the NSPM-33 and the CHIPS and Science Act of 2022.
Foreign interference and risk mitigation
NSF's goal is to maintain a vibrant science and engineering community that can participate in domestic and global collaborations. However, there are actors who try to take advantage of the openness of the research community and choose not to uphold the values of the science and engineering community.
Disclosure and transparency
A main issue related to foreign interference in NSF-funded research is the omission of information in disclosures, including appointments, affiliations and current and pending support from external funding sources. Transparency and disclosure are needed to properly assess risk. When information is deliberately omitted or concealed, the grant-making process is compromised.
Disclosures are made in three distinct sections of an NSF proposal: Collaborator and Other Affiliations, the Biographical Sketch, and Current and Pending Support.
This information is used as follows:
- Collaborators and Other Affiliations are listed in a separate, single copy document and are used by NSF program staff to help manage reviewer selection and avoid conflicts of interest in the review process.
- The Biographical Sketch is used by NSF program staff and external reviewers to assess how well qualified the individual, team or organization is to conduct the proposed activities.
- The Current and Pending Support information is used by NSF program staff and external reviewers to assess the capacity of the individual to carry out the research as proposed, as well as to help identify any potential overlap or duplication with the project being proposed.
Note, NSF treats the withholding of information as noncompliance with its disclosure requirements.
Conflicts of interest
The other main category of foreign interference is with conflicts of interest and conflicts of commitment. NSF defines a "conflict of interest" as a situation in which an individual who is responsible for the design, conduct or reporting of research or educational activities funded or proposed for funding by NSF (or the individual's spouse or dependent children) has a significant financial interest or financial relationship that would reasonably appear to be affected by the proposed research or educational activity.
“Conflict of commitment” as defined in the official Guidance for Implementing NSPM-33, is a situation in which an individual accepts or incurs conflicting obligations between or among multiple employers or other entities. Many organizational policies define conflicts of commitment as conflicting commitments of time and effort, including obligations to dedicate time in excess of organizational or research agency policies or commitments. Other types of conflicting obligations, including obligations to improperly share information with, or to withhold information from, an employer or research agency, can also threaten research security and integrity, and are an element of a broader concept of conflicts of commitment used in this document.
NSF's collaborative, well-established relationship with the OIG has been an important aspect of our response to threats to NSF-funded research from foreign interference. We promptly address potential threats when identified, frequently referring appropriate matters to OIG. Similarly, when appropriate, OIG notifies us of matters requiring our attention. Administrative actions may be recommended by OIG at any point in an investigation. Such actions may include award suspensions, award terminations, government-wide suspensions of PIs and entities, and/or government-wide debarments. The scope of the administrative actions is appropriately tailored to the risk to NSF, based on the information developed by the OIG's investigation at the time of the action is taken.
White House and Congress
- National Security Presidential Memorandum – 33
- Implementation guidance for National Security Presidential Memorandum-33implementation guidance
- NSF's research security: Fiscal Year 2023 Budget Request to Congress
- U.S. Senate Committee CHIPS Act fact sheet
- National Security Strategy, Oct 2022
- JASON study: "Research Program on Research Security"
- JASON study: "Fundamental Research Security"
- Fact sheet: "Fundamental Research Security"
- News release: NSF releases JASON report on research security
- “National Science Foundation Response to the JASON Report”
NSF policies and tools
- News release: NSF creates new research security chief position
- Program Solicitation: Research Security Training for the United States (U.S.) Research Community (NSF 22-576)
- Informational Webinar Video for program solicitation NSF 22-576
- Research security toolkit
Other U.S. Government Resources
Notable research security guidance from international entities
- G7 - Common Values and Principles on Research Security and
- Research Integrity
- G7 Best Practices for Secure and Open Research
- OECD publication: "Integrity and Security in the Global Research Ecosystem"
Tools and definitions
(Below - As defined by OECD/G7)
- Research integrity: The use of honest and verifiable methods in proposing, performing and evaluating research; reporting research results with particular attention to adherence to rules, regulations and guidelines; and following commonly accepted professional codes or norms.
- Research security: Safeguarding the research enterprise against the misappropriation of research and development to the detriment of national or economic security, related violations of research integrity and foreign government interference.
- UK Research Collaboration Advice Team (RCAT)
- Government of Canada Safeguarding Your Research
- Australian Research Council Countering Foreign Interference
- Government of the Netherlands Contact Point for Knowledge Security
- German Academic Exchange Service Competence Center for International Academic Cooperation